windows平台下的Metasploit在执行某些auxiliary模块,例如auxiliary/scanner/portscan/syn时会报Pcaprub module is not available错误。本文的主要目的是解决这个错误。
    


    首先下载并安装devkit,当前版本是DevKit-tdm-32-4.5.2-20111229-1559-sfx.exe。在windows平台下直接安装pcaprub(gem install pcaprub)会报错,错误如下:
Temporarily enhancing PATH to include DevKit...
Building native extensions.  This could take a while...
ERROR:  Error installing pcaprub:
        ERROR: Failed to build gem native extension.

        C:/Ruby/bin/ruby.exe extconf.rb

[*] Running checks for pcaprub code...
platform is i386-mingw32
checking for main() in -lws2_32... yes
checking for main() in -liphlpapi... yes
checking for windows.h... yes
checking for winsock2.h... yes
checking for iphlpapi.h... yes
checking for pcap_open_live() in -lwpcap... no
checking for pcap_setnonblock() in -lwpcap... no
creating Makefile

make
gcc -I. -IC:/Ruby/include/ruby-1.9.1/i386-mingw32
-I/C/Ruby192/include/ruby-1
.9.1/ruby/backward -I/C/Ruby/include/ruby-1.9.1 -I. -DHAVE_WINDOWS_H
-DHAVE_W
INSOCK2_H -DHAVE_IPHLPAPI_H    -O3 -g -Wextra -Wno-unused-parameter
-Wno-parenth
eses -Wpointer-arith -Wwrite-strings -Wno-missing-field-initializers
-Wno-long-l
ong  -o pcaprub.o -c pcaprub.c
pcaprub.c:8:18: fatal error: pcap.h: No such file or directory
compilation terminated.
make: *** [pcaprub.o] Error 1
    主要是因为找不到pcap.h,下载WpdPack_4_1_2并将其解压到c盘,最终路径为C:\WpdPack。下载pcaprub并解压到任意目录,在pcaprub\ext\pcaprub目录下找到extconf.rb并编辑。先确认C:/WpdPack路径正确,然后在pcap_libdir 和have_library之间添加两行代码:
    $CFLAGS  = "-I#{pcap_includedir}"
    $LDFLAGS = "-L#{pcap_libdir}"
    最终效果如下图所示:


     打开windows命令行并切换至pcaprub根目录执行gem build pcaprub.gemspec,然后执行gem install pcaprub-0.11.3.gem即可。